/**
 * $version:  0.1 
 * $Date: 2012-05-08
 *
 * Copyright (C) 2010-2012 Jawa Software. All rights reserved.
 *
 */
package org.jawa.admin;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;
import org.jawa.core.util.JawaConstants;
import org.jawa.user.User;
import org.jawa.user.UserManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * 管理台用户登录控制
 */
public final class LoginServlet extends HttpServlet {

	private static final long serialVersionUID = -533293612573583289L;

	private static final Logger Log = LoggerFactory.getLogger(LoginServlet.class);

	// 登录验证页面
	private static String FORM_LOGIN_PAGE = null;
	// 登录出错页面
	private static String FORM_ERROR_PAGE = null;
	// 登录成功页面
	private static String FORM_TARGET_PAGE = null;

	/**
	 * 获取与初始化系统登录的参数.
	 * 
	 * @throws ServletException
	 *             if the init parameters are invalid or any other problems
	 *             occur during initialisation
	 */
	public void init() throws ServletException {
		FORM_LOGIN_PAGE = getInitParameter("form-login-page");
		FORM_ERROR_PAGE = getInitParameter("form-error-page");
		FORM_TARGET_PAGE = getInitParameter("form-target-page");

		Log.debug("登录验证页面: " + FORM_LOGIN_PAGE);
		Log.debug("登录出错页面: " + FORM_ERROR_PAGE);
		Log.debug("登录成功页面: " + FORM_TARGET_PAGE);
	}

	public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
		execute(request, response);
	}

	public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
		execute(request, response);
	}

	/**
	 * 处理http 请求.
	 * 
	 * @param request
	 *            The HTTP request we are processing
	 * @param response
	 *            The HTTP response we are creating
	 * 
	 * @exception IOException
	 *                if an input/output error occurs
	 * @exception ServletException
	 *                if a servlet exception occurs
	 */
	public void execute(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
		HttpSession session = request.getSession(true);
		String username = StringUtils.trimToEmpty(request.getParameter("j_username"));
		String password = StringUtils.trimToEmpty(request.getParameter("j_password"));
		boolean loginSuccess = false;
		UserManager userManager = UserManager.getInstance();
		User user = null;
		try {
			Log.debug("开始验证用户: '" + username + "'");

			user = userManager.getUserByUsername(username);
			if (null != user && StringUtils.equalsIgnoreCase(user.getUserPassword(), DigestUtils.md5Hex(password))) {
				loginSuccess = true;
			} else {
				// 用户不存在或密码不正确
				loginSuccess = false;
				Log.debug("登录用户不存在或密码错误! username:" + username);
			}
		} catch (Exception e) {
			Log.debug("用户登录时发生异常: '" + username + "'", e);
			loginSuccess = false;
		}

		if (loginSuccess) {
			// 登录成功，将用户信息放入 session 中
			session.setAttribute(JawaConstants.USER_KEY, user);
			// 初始化用户参数
			Log.debug("验证用户'" + username + "'成功,开始初始化用户参数信息!");
			initUserParameters(request, response, user);
			Log.debug("初始化用户'" + username + "'完成,转入成功页面!");

			response.sendRedirect(request.getContextPath() + response.encodeRedirectURL(FORM_TARGET_PAGE));
		} else {
			Log.debug("验证用户'" + username + "'失败,转入错误页面! ");
			// 转向定义的失败页面
			response.sendRedirect(request.getContextPath() + response.encodeRedirectURL(FORM_ERROR_PAGE));
		}
	}

	/**
	 * 初始化用户信息。
	 * 
	 * @param request
	 * @param response
	 */
	private void initUserParameters(HttpServletRequest request, HttpServletResponse response, User empl) {
		HttpSession session = request.getSession(true);
		
	}

}
